X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftinc.conf.5.in;h=ce690308c05bec244d655b30e624ae47312a2a6a;hp=66aee4b6e59900d89c0c9285f9bf5b980f14fb25;hb=23acc19bc090051156ad895caed61848f5afb144;hpb=8dfe1b374e165ecba5d3ae324ee834d337476be8

diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in
index 66aee4b6..ce690308 100644
--- a/doc/tinc.conf.5.in
+++ b/doc/tinc.conf.5.in
@@ -344,6 +344,16 @@ specified in the configuration file.
 When this option is used the priority of the tincd process will be adjusted.
 Increasing the priority may help to reduce latency and packet loss on the VPN.
 
+.It Va ReplayWindow Li = Ar bytes Pq 16
+This is the size of the replay tracking window for each remote node, in bytes.
+The window is a bitfield which tracks 1 packet per bit, so for example
+the default setting of 16 will track up to 128 packets in the window.  In high
+bandwidth scenarios, setting this to a higher value can reduce packet loss from
+the interaction of replay tracking with underlying real packet loss and/or
+reordering.  Setting this to zero will disable replay tracking completely and
+pass all traffic, but leaves tinc vulnerable to replay-based attacks on your
+traffic.
+
 .It Va StrictSubnets Li = yes | no Po no Pc Bq experimental
 When this option is enabled tinc will only use Subnet statements which are
 present in the host config files in the local